[00:04.960 --> 00:15.700]  Hi all. Hope everyone is doing well. In this circumstance, we are having a lot of things going in our life.
[00:15.700 --> 00:20.500]  Apart from that, we are today eager to learn something to grow our knowledge.
[00:20.500 --> 00:25.420]  I am thankful to Payment Village for giving me this opportunity to deliver this wonderful session.
[00:25.420 --> 00:31.960]  And we are going to our session, Architecting Modern Payment Gateway in .NET Core with Azure.
[00:31.960 --> 00:36.980]  Why I took this topic as a concern? What exactly today we are going to discuss?
[00:36.980 --> 00:43.280]  Today we are going to discuss about how we are going to architect our payment gateways in .NET Core.
[00:43.280 --> 00:50.140]  That is, here I am using Stripe. You can use some other third party tools like Payble, whatever it is.
[00:50.140 --> 00:55.480]  Wherever we are using the bank credentials, wherever we are using the customer end details,
[00:55.480 --> 01:01.840]  we need to follow the compliance rule so that we can have the security as well as we can prevent from data breach.
[01:01.840 --> 01:09.340]  That is the main concern of security. That is the main concern of everyone to make the apps available to user end.
[01:09.340 --> 01:14.660]  Security is the main thing that makes us important to work with the banking clients.
[01:14.660 --> 01:20.840]  So, I choose this platform as a basic platform to implement the security.
[01:20.840 --> 01:30.080]  At first, today as a demo, we are first going to see how exactly our payment gateway is designed in our .NET Core.
[01:30.080 --> 01:37.060]  Every framework has its own style of doing the payment activities or some other activities.
[01:37.240 --> 01:45.360]  So, .NET Core has some special architecture. So, we need to understand the architecture to implement the payment activity.
[01:45.400 --> 01:51.060]  So, let's go to the next slide. I want to explain about myself. Who am I?
[01:51.060 --> 01:55.300]  So, it may be fit to you to understand the titles. Very good.
[01:55.300 --> 02:01.260]  I am Menaka Bhaskar Pillai. I am working as an associate software engineer at Accenture Digital.
[02:01.260 --> 02:08.440]  And I am a C-Shop Corner MVP with Azure and .NET certified professional with a blogger and an international speaker.
[02:08.440 --> 02:14.760]  You can reach out to me via my LinkedIn or Twitter as well as you can drop me mail. I will keep on checking.
[02:14.760 --> 02:19.320]  For any doubts and clarification, you can approach me via any of this platform.
[02:19.320 --> 02:28.760]  So, let's begin our slides of how we are going to explore our architecting the payment gateways in our .NET Core.
[02:29.000 --> 02:32.060]  So, what we are going to discuss today?
[02:32.060 --> 02:38.300]  The agenda is the main thing that gives the detail of what we are going to see in further upcoming slides.
[02:38.300 --> 02:41.860]  Why payment security is important at its peak now?
[02:41.860 --> 02:44.620]  What are the key features of payment app?
[02:44.620 --> 02:47.920]  Why we go to .NET Core for payment integration?
[02:47.920 --> 02:55.380]  Key components in Azure for secure payments, Azure payment processing environments, Azure security capabilities.
[02:55.380 --> 02:59.140]  You can see two words as common, .NET Core and Azure.
[02:59.140 --> 03:03.820]  Because as a .NET developer, we guys are not using .NET Framework.
[03:03.820 --> 03:07.260]  Even it has the upgraded version that is similar to .NET Core.
[03:07.260 --> 03:12.640]  .NET Core supports each and every OS that starts from Linux to Mac to Windows.
[03:12.640 --> 03:15.580]  But .NET Framework supports only Windows.
[03:15.580 --> 03:21.040]  So, that's the main reason we are facing many difficulty to implement the solution via .NET Framework.
[03:21.040 --> 03:23.220]  So, we are migrating to .NET Core.
[03:23.220 --> 03:27.100]  And another thing is .NET Core support the open source platform.
[03:27.100 --> 03:30.820]  So, you can take the code and you can also contribute your code.
[03:30.820 --> 03:35.840]  So, that's the only reason we are going behind the .NET Core.
[03:35.900 --> 03:44.060]  Implementing security behind the scenes is very complicated compared to doing with .NET Core and Azure.
[03:44.060 --> 03:49.580]  As a cloud provider, Azure is growing as a faster and faster in implementing the security.
[03:49.580 --> 03:54.920]  It have lot of services that been used for securing your application.
[03:55.200 --> 04:04.680]  For a business need or on the basics of business requirement, you can use any of the service that makes your application secure from each and every point.
[04:04.680 --> 04:11.920]  Today, we are going to discuss the start and end wherever we can implement Azure in securing your web application.
[04:11.920 --> 04:20.040]  Before that, we need to understand the architecture of how exactly the payment application can be implemented using the .NET Core.
[04:20.040 --> 04:28.820]  So, I created a small demo to view you how the architecture of the payment application looks alike.
[04:28.820 --> 04:34.900]  So, we can see the demo at the middle of the topic where .NET Core comes for the payment integration.
[04:34.900 --> 04:37.660]  Before that, we can go to our next slide.
[04:38.580 --> 04:41.780]  Why payment security is important at its peak?
[04:41.780 --> 04:53.720]  You can see, payment security is the place where the customer is giving his card details for his owner whom he want to pay something.
[04:53.720 --> 04:57.380]  My card is more valuable as compared to my life.
[04:57.380 --> 05:05.960]  Any breach in data or any security incompetence that leads to the amount from my card that been disappeared.
[05:05.960 --> 05:11.200]  And second thing, my entire details and personal and professional details can also be leaked.
[05:11.200 --> 05:14.100]  That can impact my family circumstance also.
[05:14.100 --> 05:21.320]  So, implementing security in payment gateway is very major and it's very trendful in today's concern.
[05:21.320 --> 05:26.560]  Every banking securities are being highly concerned about implementing the security.
[05:26.560 --> 05:32.740]  So, the usage of mobile payment expected to reach by dollar 503 billion by 2020.
[05:32.740 --> 05:46.200]  So, what they are telling is, we are not going to the traditional approach of paying something with via our website where it is highly protected environment where we need to log in again and get to method transaction detail.
[05:46.200 --> 05:51.700]  And again we are giving some detail to encrypt your details that you are the one who belong to that bank.
[05:51.700 --> 05:56.580]  We are easily accessing everything from our mobile including the payment application.
[05:56.580 --> 06:02.640]  I am, I can say like Paytm also, other application, everything been integrated with the payments.
[06:02.640 --> 06:08.100]  So, I am ordering something in Flipkart that takes me directly to my GPay or another wallet.
[06:08.100 --> 06:09.940]  So, I can add my payment.
[06:09.940 --> 06:16.280]  So, nothing of the application nowadays they are developing is with payment, without payment is very rare.
[06:16.280 --> 06:21.620]  So, the concentration of security also booming here to 2025.
[06:22.480 --> 06:28.800]  In addition 75% of all financial transaction will be cashless by 2025.
[06:28.800 --> 06:31.520]  You can consider now itself it's a Corona time.
[06:31.520 --> 06:34.000]  We are having the payment application.
[06:34.000 --> 06:36.360]  So, we are directly paying without card.
[06:36.360 --> 06:42.060]  So, what exactly here happening is I don't need to depend on someone or my card to pay my cash.
[06:42.060 --> 06:43.960]  I can pay by single click.
[06:43.960 --> 06:48.660]  So, that is the concern that makes the security as important in today's scenario.
[06:50.200 --> 06:53.380]  What are the key features of payment app?
[06:53.380 --> 06:57.240]  Okay, I am developing an application that supports my payment.
[06:57.240 --> 06:59.720]  What are the features I need?
[06:59.720 --> 07:04.500]  What are the features I need to concern while creating or developing an application?
[07:04.500 --> 07:07.740]  First thing, I should have the notification pop-up.
[07:07.740 --> 07:17.280]  Whenever transaction appearing, I need to get notification via my mail, via my SMS, via other things that related to my payment.
[07:17.280 --> 07:19.180]  So, notification is a primary concern.
[07:19.180 --> 07:24.480]  So, I can track the amount that been debited or credited.
[07:24.480 --> 07:26.100]  Billing and invoicing.
[07:26.100 --> 07:31.960]  Billing and invoicing is a track about how much cash I been deposited, how much cash I been withdrawn.
[07:32.040 --> 07:33.780]  Transaction history is a history.
[07:33.780 --> 07:39.140]  So, I can trace this amount, this much amount I been spent, this much amount I been withdrawn.
[07:39.140 --> 07:40.820]  So, fingerprint security.
[07:40.820 --> 07:47.120]  This is a main security that need to be implemented in further upcoming apps if it is not been in before application.
[07:47.120 --> 07:50.780]  So, fingerprint is like a, it is like, it is not similar to everyone.
[07:50.780 --> 07:52.900]  So, it give the distinct of humans.
[07:52.900 --> 07:55.240]  So, I can access via my fingerprint.
[07:55.240 --> 07:56.720]  That is also main thing.
[07:56.780 --> 07:58.820]  Cryptocurrency is a booming technology.
[07:58.820 --> 08:03.440]  Without cryptocurrency, we cannot say like my application is secure or not secure.
[08:03.440 --> 08:08.020]  So, bitcoins and cryptocurrency are leading in securing our application.
[08:08.720 --> 08:12.360]  So, here comes our main topic.
[08:12.360 --> 08:16.060]  Why we go to .NET Core for payment integration?
[08:16.060 --> 08:20.840]  It provides a cloud ready, environmental based configuration system.
[08:20.840 --> 08:28.800]  So, deploying my application which I designed for payment purpose is very easy if it is a .NET Core application.
[08:28.800 --> 08:31.080]  Because everything are very customizable.
[08:31.080 --> 08:36.240]  I don't need to write lot of code to maintain my application or to develop my application.
[08:36.240 --> 08:43.880]  It is a very lightweight because .NET Core itself a lightweight and it stimulates the high performance with modular HTTP request.
[08:43.880 --> 08:48.200]  .NET Core as I said before it is easy to maintain as well as update.
[08:48.200 --> 08:54.340]  As in first slide itself I told why people are migrating even as a .NET developer from framework to .NET Core.
[08:54.340 --> 09:01.180]  It is very, very easy to support every OS starting from Mac, Linux and Windows.
[09:01.180 --> 09:04.860]  So, that is for very good to develop something in .NET Core.
[09:04.860 --> 09:08.980]  So, I don't need to do a code reuse or copy my code to support the other system.
[09:08.980 --> 09:10.480]  It is a scalable one.
[09:10.480 --> 09:14.100]  So, I can able to scale my application as per my trends.
[09:14.100 --> 09:18.640]  Easy to integrate inside and outside as well as on Google Cloud Platform.
[09:18.640 --> 09:24.780]  Along with other Cloud Platform that using Agilnix or IIS or other supports.
[09:25.100 --> 09:35.240]  So, let's see here itself a demo how exactly the architecture of the application via .NET Core will be looks like.
[09:35.240 --> 09:40.940]  So, I am going to my coding session where I implemented a simple application.
[09:40.940 --> 09:45.000]  That uses the payment third party tool.
[09:45.000 --> 09:50.220]  So, see this is how my architecture looks like.
[09:50.220 --> 09:54.020]  I choose .NET Core web MVC.
[09:54.020 --> 09:57.340]  So, I have my views, model and controller folder.
[09:57.340 --> 10:00.820]  Startup is the place where my code starts to work.
[10:00.820 --> 10:05.400]  So, I need to register my middleware, HTTP, every action been performed here.
[10:05.400 --> 10:11.560]  I am using third party tool called Stripe to integrate my payment in my application.
[10:11.760 --> 10:19.220]  So, if you are using any tool for integration either it is a Paypal or Stripe or anything.
[10:19.220 --> 10:21.460]  Just go to the official documentation.
[10:21.460 --> 10:24.700]  You can get idea how to integrate with your SDK.
[10:24.700 --> 10:26.400]  It's a Java or .NET Core.
[10:26.400 --> 10:28.460]  Since I am doing .NET Framework.
[10:28.460 --> 10:31.940]  I am just converted that to my .NET Core Platform.
[10:31.940 --> 10:34.180]  So, since I am a .NET developer.
[10:34.180 --> 10:38.960]  I just use the .NET Core for implementing the payment solutions.
[10:39.620 --> 10:44.360]  So, what I am doing is for implementing the Stripe.
[10:44.360 --> 10:45.940]  We need to have two things.
[10:45.940 --> 10:48.940]  That are the environmental thing that remains constant.
[10:48.940 --> 10:53.380]  Here I am declaring my environmental variable as in app setting.json.
[10:53.380 --> 10:56.700]  So, it's easy for me to work on that.
[10:56.700 --> 10:59.460]  Sorry, here it's app setting development.json.
[10:59.460 --> 11:04.060]  It holds the two primary things like publishing key and my secret key.
[11:04.060 --> 11:08.560]  This acts as a main thing while we are doing our transaction.
[11:08.560 --> 11:15.160]  So, in order to use our keys from the app setting to our controller or model class.
[11:15.160 --> 11:19.680]  We need to register or we need to consume this value to our startup class.
[11:19.680 --> 11:24.040]  So, that it may be available to all of our services.
[11:24.040 --> 11:26.340]  So, what I am doing here is.
[11:26.340 --> 11:36.990]  I am just configuring my key here.
[11:37.130 --> 11:41.750]  So, this is the thing that we, this is a common thing that you need to do.
[11:41.750 --> 11:46.470]  Like I am getting the value of secret key that is a mandatory step to be done.
[11:46.470 --> 11:52.710]  So, what I am doing is I already have my class that holds the method of set API key.
[11:52.710 --> 11:55.790]  This sets the key API from the secret key.
[11:55.790 --> 11:59.930]  After doing that I need to register my class that going to use.
[11:59.930 --> 12:01.530]  Because tightly coupled class.
[12:01.530 --> 12:04.570]  So, I just need to do this by using a class.
[12:04.570 --> 12:10.090]  So, I just created a data class inside my model folder to use those keys.
[12:10.090 --> 12:17.010]  So, those both the keys what you declared in app setting.json need to be declared here also with the same name.
[12:17.010 --> 12:19.810]  So, here I want to bound my values.
[12:19.810 --> 12:24.190]  So, from the app setting.json which is declared here.
[12:25.590 --> 12:28.130]  So, I registering my class.
[12:28.130 --> 12:31.570]  So, I can use my class via injection dependency.
[12:31.770 --> 12:34.470]  So, configuration dot get section.
[12:34.470 --> 12:39.490]  So, this get section holds the value of both the publish key as well as the secret key.
[12:39.510 --> 12:43.470]  Once it is done I need to design my controller.
[12:43.470 --> 12:45.570]  So, how my values been obtained at.
[12:45.710 --> 12:48.610]  So, I am going to my controller class.
[12:48.650 --> 12:57.230]  Here my controller class has the values of charge that been the both the things been originating from the form of stripe.
[12:57.230 --> 13:00.430]  That I will show while I am running the application.
[13:00.530 --> 13:04.070]  So, it contain the stripe email as well as the stripe token.
[13:04.130 --> 13:07.570]  So, from this I am going to create the customer.
[13:07.570 --> 13:15.170]  I am going to validate my customer like the email of the my email that been I am entering along with the source everything.
[13:15.290 --> 13:18.790]  After that I am just paying some amount by fixed amount.
[13:19.030 --> 13:24.250]  So, while the status code is succeeded I am just viewing my transaction is succeed.
[13:24.250 --> 13:34.530]  So, it is very simple to implement because I just give my end points that is environmental variables in my app setting dot json that is development json.
[13:34.530 --> 13:42.070]  And after that I am consuming my both of my keys like by using a tightly coupled class that I declared as a data class.
[13:42.070 --> 13:48.470]  Once after that as I am just doing the action method by consuming from my view.
[13:48.470 --> 13:55.450]  So, those are my email as well as the token from my view page into my controller.
[13:59.520 --> 14:02.420]  See here I am just using that.
[14:02.520 --> 14:09.260]  After that what I am doing I am just creating the transaction by means of what I want to do.
[14:09.260 --> 14:15.020]  So, I just give the currency value description and everything the charge options I am just creating.
[14:15.020 --> 14:16.900]  After that I am returning the status code.
[14:16.900 --> 14:19.820]  Here you can validate whatever the thing you want.
[14:19.820 --> 14:22.560]  Suppose you want to send some mail you can add those things.
[14:22.560 --> 14:26.980]  It is a additional thing for the deeper application developer you can add those things also.
[14:26.980 --> 14:31.260]  But it is not that much important if you going for a test purpose.
[14:31.260 --> 14:36.580]  For a demo purpose I just want to show you how it works with a third party that is right.
[14:36.680 --> 15:07.730]  So, I am just running it takes some time to load.
[15:09.070 --> 15:25.230]  Yeah, so a simple line of code with very less complication is integrated my payment third party tool with my .net core MVC application.
[15:25.230 --> 15:30.130]  So, what I am doing is I am just testing I already have one card.
[15:30.130 --> 15:32.630]  So, I am just paying this.
[15:33.130 --> 15:35.970]  So, my controller will hit here.
[15:35.970 --> 15:46.390]  So, you can see from the form it takes the values of email as well as my stripe token.
[15:46.390 --> 15:48.200]  That is a token that been generated.
[15:48.650 --> 15:53.110]  Those text box been already designed by stripe we are just consuming.
[15:53.110 --> 16:01.090]  So, just keep in mind giving the name should be very punctual compared to what exactly in your stripe.
[16:01.870 --> 16:08.210]  So, after that I am creating the customer service object and a charge object, charge service object.
[16:08.210 --> 16:13.530]  My customer is creating a new customer using a create operation.
[16:13.810 --> 16:15.490]  Once again it is loaded.
[16:15.690 --> 16:18.430]  You can see my customer while I am hoovering.
[16:18.430 --> 16:24.670]  I have my customer ID and my object and some other detail if you want to give something you can add.
[16:24.670 --> 16:26.830]  I just given the important things.
[16:26.830 --> 16:31.050]  After that my charge service.
[16:32.570 --> 16:36.630]  Here I will have my ID, amount, refunded.
[16:36.630 --> 16:39.150]  You can add all those things if you want.
[16:39.550 --> 16:45.630]  If I am going to design a complete application not for a test I just want to give everything.
[16:45.630 --> 16:47.830]  This is for the charge operations.
[16:47.830 --> 16:56.590]  What kind of charging you are performing like you are charging based on your USD or INR depends upon your currency value.
[16:56.590 --> 16:58.910]  So, this is a charge option that you need to be consider.
[16:58.910 --> 17:04.610]  So, two things you need to consider that is a customer validation that is what we perform before creating the customer.
[17:04.610 --> 17:11.070]  And you are consuming the value from your firm and by means of that you are creating that charge value.
[17:11.310 --> 17:15.310]  So, after that the status code.
[17:15.530 --> 17:20.730]  So, if it is validated I just want to go to the transaction ID.
[17:20.730 --> 17:22.670]  This is for my display purpose.
[17:22.670 --> 17:25.810]  If I want to display my transaction ID I can do here.
[17:25.810 --> 17:27.850]  Or some other email triggering.
[17:27.850 --> 17:30.790]  Every options can be performed after it is succeeded.
[17:30.790 --> 17:33.590]  So, I can able to view this.
[17:34.630 --> 17:37.130]  So, my code succeeded.
[17:37.130 --> 17:39.770]  So, it is returning to view.
[17:41.310 --> 17:42.850]  Transaction is succeeded.
[17:42.850 --> 17:45.210]  Check email to view the receipt.
[17:46.550 --> 17:48.630]  Okay, it's fine.
[17:48.630 --> 17:54.150]  This is already the running application that I have already the stored value.
[17:54.150 --> 17:56.510]  What if I want to do from the scratch?
[17:57.370 --> 17:59.850]  Where I been written those kind of script?
[17:59.850 --> 18:03.310]  What I am having in my view page?
[18:03.310 --> 18:04.830]  So, I will show that also.
[18:04.830 --> 18:06.410]  It's taking to load.
[18:20.330 --> 18:22.210]  So, pay with card.
[18:25.760 --> 18:29.200]  No, I do not want to do for the existing detail.
[18:29.200 --> 18:31.420]  I want to do some cookie clear out or something.
[18:31.420 --> 18:32.520]  So, it will clear.
[18:32.520 --> 18:37.880]  Mostly for banking details we should not use this type of card registering.
[18:37.880 --> 18:41.940]  Until unless it is necessary we should not have the practice of this.
[18:41.940 --> 18:44.980]  Just I am going to give something like.
[18:53.380 --> 18:57.860]  So, for testing purpose this have some test mode.
[19:07.690 --> 19:11.630]  Take any card number from this for testing purpose.
[19:19.960 --> 19:25.120]  So, give the year and because expiry date will be future.
[19:25.120 --> 19:28.240]  So, give something in future dates.
[19:28.240 --> 19:30.160]  And give any three numbers.
[19:30.160 --> 19:31.840]  Because it's for testing.
[19:33.100 --> 19:34.060]  Sorry.
[19:34.840 --> 19:37.020]  And zip code is location code.
[19:41.030 --> 19:42.730]  Do you remember me?
[19:42.730 --> 19:44.850]  And it will ask you a phone number.
[19:45.610 --> 19:49.230]  You can give your original number or something somewhere.
[19:49.230 --> 19:54.450]  But don't give the usable number because it will trigger the start message to them.
[19:54.630 --> 19:57.410]  So, give something that is not existing.
[19:57.570 --> 20:00.990]  If it is validated only it will show you green tick.
[20:01.170 --> 20:03.030]  So, it's validated.
[20:03.990 --> 20:06.230]  So, I can just give continue.
[20:06.930 --> 20:10.090]  Because I don't need to explore because I already explored that.
[20:11.510 --> 20:14.430]  So, see the new code also.
[20:14.430 --> 20:15.670]  Transaction has succeeded.
[20:16.790 --> 20:18.830]  Check email to view the report.
[20:18.830 --> 20:23.370]  So, my view page holds all my details.
[20:23.810 --> 20:31.010]  So, view page will be like you need to add the view from customizable view or from the existing view.
[20:31.010 --> 20:35.170]  I just use the existing views because I am showing everything in a single page today.
[20:35.230 --> 20:37.170]  So, this is back.
[20:37.170 --> 20:41.430]  I just need to add the script of this type along with the other future.
[20:41.430 --> 20:44.670]  These are the futures that been displayed in your form.
[20:44.670 --> 20:53.250]  So, if you want to add a zip local code or something you can add here or it is a inbuilt property.
[20:53.250 --> 20:59.610]  So, you can choose auto property to set in your that you need to add some flavors to your form.
[20:59.610 --> 21:01.270]  So, those things are customizable.
[21:01.270 --> 21:02.970]  You can add those things.
[21:02.970 --> 21:10.310]  That is guys this is how our payment gateway looks like using the integration with the third party tool.
[21:10.310 --> 21:15.690]  Looks while we are constructing architecting in our .net core.
[21:15.730 --> 21:17.670]  Do you feel this is secure?
[21:17.670 --> 21:23.010]  I can develop like this and I can give to my customer and to yeah start doing your payment.
[21:23.010 --> 21:25.650]  I just do a deployment in my production and give.
[21:25.830 --> 21:29.690]  No, because this is not at all a secure one.
[21:29.690 --> 21:36.770]  It is not even having authentication or the any token validation whether the user is existing or not existing.
[21:36.770 --> 21:38.890]  And my values been already registered.
[21:38.890 --> 21:40.070]  So, it is not secure.
[21:40.070 --> 21:46.030]  So, how we are going to implement the security for the same application via Azure?
[21:46.030 --> 21:52.670]  If you want to implement security for the same application with Azure, we have lot and lot of services.
[21:52.670 --> 21:59.790]  As I said before based on your requirement based on your need decide what kind of security you want.
[21:59.790 --> 22:03.510]  How much approach how much you want to deal with your application?
[22:03.510 --> 22:06.280]  How much compliance your application need to be?
[22:06.280 --> 22:14.220]  So, we are going to see some of the Azure service that is used to implement the security in your payment application.
[22:14.220 --> 22:20.240]  And that is very much useful for architecting your application with wide level of security.
[22:20.240 --> 22:22.120]  So, let us go to our slide.
[22:30.270 --> 22:34.610]  So, key Azure component to secure your payments.
[22:34.610 --> 22:36.710]  This is very limited guys.
[22:36.710 --> 22:47.350]  If you go with Azure's complete services there are lot and lot of security components that can you can use in nook and corners of your application development.
[22:47.350 --> 22:55.790]  But these are the very basic services that in ready in a normal payment application should needs need to be done.
[22:55.790 --> 22:59.910]  So, the main thing is like Azure AD application.
[22:59.910 --> 23:04.510]  I am doing something with my windows authentication that is up to my windows.
[23:04.510 --> 23:09.110]  I cannot say after I am published to my Azure app service.
[23:09.110 --> 23:12.430]  I deployed my application and after that I published my application.
[23:12.430 --> 23:14.730]  I want to deal every user in a cloud.
[23:14.730 --> 23:16.990]  I can use Azure AD application.
[23:16.990 --> 23:20.050]  So, that it authenticate the user along with this password.
[23:20.050 --> 23:26.730]  So, the particular person with the particular knowledge of particular thing he have can able to login.
[23:26.730 --> 23:29.250]  Even that also provided by the cloud service.
[23:29.250 --> 23:32.630]  That is quite good because my application is also already in my cloud.
[23:32.630 --> 23:35.590]  And my application authentication is also in my cloud.
[23:35.590 --> 23:40.450]  So, this is the first way to secure your application if you are using the payment gateways.
[23:40.450 --> 23:42.810]  After that Azure key wallets.
[23:43.050 --> 23:45.150]  Whenever my token is getting originated.
[23:45.150 --> 23:47.110]  I want somewhere to store my token.
[23:47.110 --> 23:49.890]  So, I can use my token to secure my application.
[23:49.930 --> 23:53.830]  I cannot simply store my tokens that been originated in my application somewhere.
[23:53.830 --> 23:55.810]  So, I can use again reuse again.
[23:55.810 --> 23:57.530]  So, we can use Azure key wallet.
[23:57.530 --> 24:01.150]  So, it is a secure platform you can keep everything.
[24:01.150 --> 24:04.390]  It name itself and its symbol itself have the key symbol.
[24:04.730 --> 24:08.570]  So, then Azure SQL always encrypted concept.
[24:08.570 --> 24:15.430]  This is the main concept and main thing that need to be concerned while we are developing from our database end.
[24:15.430 --> 24:18.390]  Because the encrypted concept is very useful.
[24:18.390 --> 24:25.590]  While we are doing something as a backup knowledge of the transaction details or another thing we want to track for every application.
[24:25.590 --> 24:29.890]  So, Azure SQL always encrypted concept is helps a lot.
[24:29.890 --> 24:31.770]  Azure DDoS production.
[24:32.010 --> 24:35.130]  This is a recent production that taken into the account.
[24:35.130 --> 24:42.810]  Because DDoS production plays an important role of security breaches and other security danger and hazardous to your modern web application.
[24:42.810 --> 24:53.150]  So, these are the 5 main core concept that need to be implemented while you are architecting your modern payment gateway or modern payment with any of the third party tools.
[24:53.150 --> 25:02.410]  So, next thing is like this is I want to develop application that is completely secured from my back end to front end even from my data storage.
[25:02.410 --> 25:04.930]  That I need to implement by means of Azure.
[25:04.930 --> 25:07.310]  How can I do that? That's the thing.
[25:07.310 --> 25:16.270]  So, they have every security features that need to be implemented while you are developing your application via Azure.
[25:16.270 --> 25:28.610]  So, if you are using a database at your back end, just try to use the Azure key valid for protecting your all the necessary key values and everything that is like a tokens or something.
[25:28.610 --> 25:34.410]  And there is a special thing for you governing your security of an application called Azure Security Center.
[25:34.410 --> 25:37.870]  And as I told you the encrypt concept there at the SQL.
[25:37.870 --> 25:40.170]  And Azure Blob storage is highly secured.
[25:40.170 --> 25:47.070]  So, you can store your blog or any other file oriented data that is a transaction bills or anything in a blob storage.
[25:47.070 --> 25:53.610]  OMS log analytics used to trace the logs, what are the logs you have been performed from your application level.
[25:53.610 --> 25:59.650]  So, you can implement the security and application insight specially for monitoring your application.
[25:59.650 --> 26:05.050]  So, any insecure communication or insecure request been getting into your application.
[26:05.050 --> 26:06.750]  So, that it will product your application.
[26:07.470 --> 26:13.470]  After that, coming to the Azure Active Directory and our role-based.
[26:13.470 --> 26:16.670]  So, role-based authentication is very important.
[26:16.670 --> 26:18.970]  It is like a role-based access control.
[26:18.970 --> 26:23.290]  It is like what role exactly and how I can secure my application.
[26:23.290 --> 26:25.990]  It is similar along with Azure AD also.
[26:25.990 --> 26:28.810]  We can authenticate the user by AD service also.
[26:28.810 --> 26:34.030]  Once I am coming to my front end, I am using the load balancer that is a payment gateways.
[26:34.030 --> 26:44.310]  So, along with my app service environment, I can customize my application by adding my certificate, SSL certificate or other certificate.
[26:44.310 --> 26:45.750]  So, that is very important.
[26:45.750 --> 26:48.850]  And main thing is like application gateway.
[26:48.850 --> 26:51.610]  Application gateway is very important.
[26:51.610 --> 26:56.610]  Like I can implement by normal third party tool, we have oscillate.
[26:56.610 --> 26:59.770]  If you are going with cloud, you already have the application gateway.
[26:59.770 --> 27:03.030]  So, secure your application, balance your load.
[27:03.030 --> 27:06.010]  Lot of request coming to one server, it is so hard.
[27:06.010 --> 27:09.990]  So, the application gateway split the loads according to the servers.
[27:09.990 --> 27:16.350]  So, it act as the direct contact to your client rather than to your API or some other.
[27:16.350 --> 27:19.290]  So, your client do not need to approach directly.
[27:19.310 --> 27:23.990]  So, all of these are producted by some of the thing is Azure DNS.
[27:24.130 --> 27:27.270]  This is a very main concept if you are developing those things.
[27:27.970 --> 27:35.470]  And along with the middle tier, everything I can be completely wrap up inside my DNS and environment.
[27:35.490 --> 27:42.630]  So, I will have my storage policies along with other security policies and compliance and certified experts.
[27:42.630 --> 27:48.650]  So, that makes my application productive if I am architecting my application via Azure services.
[27:48.650 --> 27:53.390]  So, this is how the exact architecture of your application looks.
[27:53.390 --> 27:59.410]  If you are implementing a normal .NET core application through your Azure service.
[27:59.410 --> 28:03.030]  Guys, think after seeing this what you are getting into the knowledge like.
[28:03.030 --> 28:07.230]  It is very easy and it is very cost conception is very less.
[28:07.230 --> 28:09.650]  And other security breach also very less.
[28:09.650 --> 28:15.350]  I will tell in further slide why my other things also like cost conception is less.
[28:15.350 --> 28:18.330]  As well as why I can say this is a compliance one.
[28:18.330 --> 28:22.870]  Why I can say believe this I can use this much things inside my application.
[28:22.870 --> 28:32.110]  So, this is how exactly architecting the modern payment application via .NET core with Azure service looks like.
[28:32.110 --> 28:37.730]  Use at least some of the services that is very important to your web application.
[28:37.730 --> 28:40.750]  Where you are implementing the payment application things.
[28:40.750 --> 28:43.430]  So, not all services you do need to use.
[28:43.430 --> 28:48.150]  But there are some services you must need to use because of producting your application.
[28:48.150 --> 28:50.830]  Even though you are not using this cloud service provider.
[28:50.830 --> 28:57.950]  There is some other cloud service provider also where you need to use some of the things like authentication, load balancing, API gateway.
[28:57.950 --> 29:07.790]  So, that will act as the productor of your application from malware or another hazardous things from hackers or some things.
[29:08.070 --> 29:12.190]  So, data residency and boundaries.
[29:12.190 --> 29:15.290]  Today we are going to discuss this data residency.
[29:15.290 --> 29:17.770]  Why we need data residency?
[29:17.870 --> 29:21.170]  Like our data been stored in somewhere.
[29:21.230 --> 29:28.290]  So, whenever my data been lost I just need to depend on my own data center where I stored all my data.
[29:28.290 --> 29:35.310]  By using or migrating to cloud it makes me available as a copy or reflect my copy to multiple region.
[29:35.310 --> 29:40.930]  And it is accomplishing my multiple regions as a single availability zone to multiple availability zone.
[29:40.930 --> 29:44.270]  So, inside a single region I will have multiple availability zone.
[29:44.270 --> 29:47.490]  And all the availability zones are interlinked to each other.
[29:47.490 --> 29:52.350]  And I will have another region that both my regions also interlinked to each other.
[29:52.350 --> 30:00.630]  So, for accessing my request and approving my request for performing the action I do not need to depend on something a single availability zone.
[30:00.630 --> 30:03.790]  I can perform everything with my facility perimeters.
[30:03.790 --> 30:09.630]  So, I can have building entrance inside the building and data center floor.
[30:09.630 --> 30:15.870]  So, it is very useful while we are designing our web application with lot of security features.
[30:15.870 --> 30:21.690]  Everything inside a wrap of single thing is very hard to understand and very hard to product the data.
[30:21.690 --> 30:26.250]  We need to keep our eye open to identify where it is, what it is.
[30:26.250 --> 30:30.450]  So, just make and just make this things very clear.
[30:30.450 --> 30:34.450]  Like that is the only reason we are migrating our things to cloud.
[30:34.450 --> 30:43.430]  It provide lot of availability because data breach and data loss is not possible in cloud as we follow its policy futures.
[30:43.430 --> 30:46.470]  So, this is one of the important slide to understand.
[30:47.010 --> 30:49.690]  Azure SQL database security capabilities.
[30:49.690 --> 30:55.830]  As we discussed in our few further slides like in our older slides I think so.
[30:55.830 --> 30:58.450]  We see like encryption concept.
[30:58.450 --> 31:01.070]  By means of this we have the customer data.
[31:01.070 --> 31:06.530]  And we have the information production, threat production, access management and network security.
[31:06.530 --> 31:12.290]  Think someone want to access your data need to pause all of the layer to access your data at the center.
[31:12.290 --> 31:16.730]  That is quite that is even if he breaks the first network security.
[31:16.730 --> 31:23.470]  He need to meet the access management after the threat production, after that information production to reach your customer data.
[31:23.470 --> 31:30.510]  So, our how much our data is being producted inside our cloud by using the Azure SQL database security capabilities.
[31:30.510 --> 31:37.810]  So, if you are working in a DB and it is very good to use DB security capabilities that is Azure security capabilities.
[31:37.810 --> 31:41.770]  So, that makes our application to work good and secured.
[31:42.290 --> 31:44.390]  Industry leading Azure security.
[31:44.390 --> 31:48.770]  We can say why Azure is growing tremendously.
[31:49.490 --> 31:53.230]  If I am choosing Azure as a service provider for me.
[31:53.230 --> 31:59.510]  What is the difference of my cloud service with other services?
[31:59.510 --> 32:00.450]  Why it is?
[32:00.470 --> 32:06.390]  Because for a banking application or some other application where I am using my e-commerce application.
[32:06.390 --> 32:08.370]  Where I am using my customer details.
[32:08.370 --> 32:13.550]  It is not good to go with something which I have no knowledge.
[32:13.550 --> 32:16.410]  Because data privacy is very important.
[32:16.510 --> 32:18.950]  So, why I need to go to Azure?
[32:18.950 --> 32:22.630]  Because the only thing is like it is not a one and only thing.
[32:22.630 --> 32:27.970]  The main thing is like it they invested nearly 1 billion dollar annually.
[32:27.970 --> 32:31.370]  So, for implementing the security future.
[32:31.370 --> 32:33.630]  Not only for Azure security environment.
[32:33.630 --> 32:37.850]  But for all the services in Azure for implementing the security.
[32:37.850 --> 32:42.150]  So, each and every services of Azure implements the security.
[32:42.150 --> 32:49.250]  So, that makes people who works in a normal application to the high end banking application secured in what they are using.
[32:49.250 --> 32:52.670]  And this is around 3500 security expert.
[32:52.670 --> 32:55.930]  And it has post a lot of compliance certification.
[32:55.930 --> 33:02.150]  So, seeing the investment itself we can understand the security experts and the compliance certificate it got.
[33:02.150 --> 33:05.090]  That makes us to move towards the cloud service provider.
[33:05.090 --> 33:12.190]  So, we want to work in a secured environment where you need to keep everything in a very good maintained manner.
[33:12.190 --> 33:13.370]  Well maintained manner.
[33:13.370 --> 33:14.870]  In a secured manner.
[33:14.890 --> 33:24.030]  You can start to implement your cloud service provider Azure to all your activity from back end, front end even at the middle tier also.
[33:24.030 --> 33:26.870]  So, we ended the session.
[33:26.870 --> 33:28.610]  I hope I made your day.
[33:28.610 --> 33:30.510]  Like I just delivered my session.
[33:30.510 --> 33:31.770]  This is a thank you slide.
[33:31.770 --> 33:36.030]  I want to thank you all and everyone for listening my session.
[33:36.030 --> 33:38.050]  For any doubts you can ask me.
[33:38.050 --> 33:40.130]  I am here to clarify your doubt.
[33:40.130 --> 33:43.250]  If the doubts be not satisfactory.
[33:43.250 --> 33:45.170]  You want something to get more.
[33:45.170 --> 33:47.810]  You can approach me again via my social platform.
[33:47.810 --> 33:49.090]  So, I am available.
[33:49.090 --> 33:51.570]  So, this is our today's session guys.
[33:51.570 --> 33:54.310]  Thanks for giving an opportunity to Payment Village.
